Resmark API: Getting Started
The Resmark API allows external applications to interact with your Resmark account programmatically. You can retrieve product and inventory data, create and manage shopping carts, place orders, pull reports, and more. The API follows REST conventions and communicates using JSON.
Base URLs
Production:
https://app.resmarksystems.com/public/api
Sandbox (for testing):
https://sandbox.resmarksystems.com/public/api
The sandbox environment is a clone of production, updated every 5 to 10 days. Use it for development and testing without affecting live data. Sandbox does not send real emails or process real payments.
Setting Up API Access
- Log into your Resmark account as a user with the API Integration permission enabled
- Navigate to Settings > API Integration
- Generate an API key
The API key is account-level and does not expire, but can be reset on demand from the same page. Resetting the key immediately invalidates the previous one.
The API Integration permission controls whether a user can access the Settings > API Integration page. If you don't see this option, ask your account administrator to enable it for your user.
Authentication
The Resmark API uses bearer token authentication. Before making any API calls, you need to exchange your API key for a token.
Step 1: Get a bearer token
POST /authenticate
Parameter | Type | Required | Description |
|---|---|---|---|
username | string | Yes | Email address of any valid user on the account, or their AlternativeId |
apikey | string | Yes | API key from Settings > API Integration |
Example request:
{
"username": "yourown@emailaddress.com",
"apikey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx"
}
A successful response returns a bearer token string.
Step 2: Include the token in all subsequent requests
Add the token to the Authorization header on every API call:
Authorization: Bearer [your_token_here]
The only endpoints that do not require the bearer token are /authenticate and /login.
Token Details
Tokens expire after 24 hours. When a token expires, call /authenticate again to get a new one.
The token carries the Resmark permissions of the user who authenticated. This means API access may be limited based on what that user is allowed to do in the app. For full API access, authenticate with a user who has the necessary permissions for the endpoints you plan to use.
General Notes
These apply across all Resmark API endpoints:
- Orders created via API are automatically marked as paid. No real payment is collected. The order is recorded as paid by an external source.
- Customer email notifications are disabled by default when creating orders via API. Set
disableConfirmationEmail: falsein the order request if you want confirmation emails sent. - Cart inventory locks expire after 30 minutes. When inventory is added to a cart, those seats are held for 30 minutes. Use the cart renew endpoint to extend the lock if needed.
- Report data is generated nightly. Data for the current day will not be available until the following day.
API Reference
The full API is documented across these articles:
- Resmark API: Third Party Authentication — Redirect users into Resmark with a pre-populated cart
- Resmark API: Products — Retrieve product listings, inventory, pricing, and pickup options
- Resmark API: Cart — Create carts, add inventory, set customer info, and apply discounts
- Resmark API: Orders — Place orders and handle full or partial cancellations
- Resmark API: Reports — Pull accrual, transaction, mailing list, and manifest data
- Resmark API: Tags & Resellers — Look up product tags and reseller information
Updated on: 06/24/2026
Thank you!